Edit: Also this only seems to be affecting CPU architectures in between Sandy Bridge and Coffee Lake (so like the 3000 series to the 7000 series?), so if you are still running a 2550k on your home PC like I am then you shouldn't see any problems.

Really? The things I've read indicate that everything past the original Pentium suffers from this flaw.

Edit: I'm not pretending to be an expert here, I've never followed the dumb codenames closely.

Yeah, this is because you have Sandy Bridge-E and the HEDT/server socket chips are out of step with the regular desktop and laptop chips by 1 generation. Sandy Bridge Socket 1155 is 2000-series, but Socket 2011 is 3000-series along with Ivy Bridge Socket 1155. Ivy Bridge Socket 2011 is 4000-series along with Haswell Socket 1150, and then Haswell socket 2011-3 is 5000-series like Broadwell which didn't even have a full desktop release...

Yeah, this is because you have Sandy Bridge-E and the HEDT/server socket chips are out of step with the regular desktop and laptop chips by 1 generation. Sandy Bridge Socket 1155 is 2000-series, but Socket 2011 is 3000-series along with Ivy Bridge Socket 1155. Ivy Bridge Socket 2011 is 4000-series along with Haswell Socket 1150, and then Haswell socket 2011-3 is 5000-series like Broadwell which didn't even have a full desktop release...

It's a mess. Thanks, Intel!

I stopped understanding all this business with the death of the Athlon XP.

WHY WAS I NOT NOTIFIED OF THE CHANGE OF LOCATION FOR THE "a TICKET CAME IN" THREAD?!?!?!

I HAVE BEEN UNABLE TO PROPERLY AVOID MY DAY TO DAY WORK FOR TWO DAYS BECAUSE I WAS NOT NOTIFIED OF THIS. AND BEFORE YOU SAY I SHOULD HAVE BEEN READING MY THREADS, IT IS NOT MY RESPONSIBILITY TO PAY ATTENTION TO ANY OF THE 6 PAGES THAT HAVE ALREADY BEEN MADE REGARDING THIS.

i'M cc'ING MY MANAGER AND YOUR MANAGER AND THE ceo JUST TO BE SURE THIS DOESN'T HAPPEN AGAIN.

WHY WAS I NOT NOTIFIED OF THE CHANGE OF LOCATION FOR THE "a TICKET CAME IN" THREAD?!?!?!

I HAVE BEEN UNABLE TO PROPERLY AVOID MY DAY TO DAY WORK FOR TWO DAYS BECAUSE I WAS NOT NOTIFIED OF THIS. AND BEFORE YOU SAY I SHOULD HAVE BEEN READING MY THREADS, IT IS NOT MY RESPONSIBILITY TO PAY ATTENTION TO ANY OF THE 6 PAGES THAT HAVE ALREADY BEEN MADE REGARDING THIS.

i'M cc'ING MY MANAGER AND YOUR MANAGER AND THE ceo JUST TO BE SURE THIS DOESN'T HAPPEN AGAIN.

WHY WAS I NOT NOTIFIED OF THE CHANGE OF LOCATION FOR THE "a TICKET CAME IN" THREAD?!?!?!

I HAVE BEEN UNABLE TO PROPERLY AVOID MY DAY TO DAY WORK FOR TWO DAYS BECAUSE I WAS NOT NOTIFIED OF THIS. AND BEFORE YOU SAY I SHOULD HAVE BEEN READING MY THREADS, IT IS NOT MY RESPONSIBILITY TO PAY ATTENTION TO ANY OF THE 6 PAGES THAT HAVE ALREADY BEEN MADE REGARDING THIS.

i'M cc'ING MY MANAGER AND YOUR MANAGER AND THE ceo JUST TO BE SURE THIS DOESN'T HAPPEN AGAIN.

Also, it looks like the CEO of Intel dumped as much of his stock as possible just before Christmas.

There is still an embargo on the actual information, but now I have seen some sources that all chips from the Pentium Pro onwards are affected, Jesus.

From that article:

quote:

Finally, if you are of the opinion that us media types are being hysterical about this design blunder, check this out: CERT recommends throwing away your CPU and buying an non-vulnerable one to truly fix the issue.

Update: Just got some info from a security tech at one of our vendors. Some choice quotes:

quote:

Summary
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

quote:

Scope
Desktop, Laptop, and Cloud computers may be affected by Meltdown. More technically, every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013). Currently only validated on Intel based processors.

Cloud providers which use Intel CPUs and Xen PV as virtualization without having patches applied. Furthermore, cloud providers without real hardware virtualization, relying on containers that share one kernel, such as Docker, LXC, or OpenVZ are affected. This is basically all the providers Azure, AWS, Google Cloud.

UPON FURTHER TESTING IT HAS BEEN DETERMINED THE EVENT HAS CLEARED AND A DISPATCH IS NO LONGER NEEDED. PLEASE VERIFY YOUR POWER. IF AFTER VERIFICATION YOU FEEL THERE IS STILL AN ISSUE, PLEASE CONTACT H O T S TO FURTHER TROUBLESHOOT

code:

Set-OrganizationConfig -FocusedInBoxOn $false

Disable it for a single mailbox

code:

Set-FocusedInbox bleh\@example.com -FocusedInboxOn $false

Ty! Our solution thus far has been to send out instructions for disabling it in Office 365's settings. I'd disable it for the whole tenant if I had things my way but like three people in management LOOOOOOOOOOOOOVE the feature so it stays.

Ty! Our solution thus far has been to send out instructions for disabling it in Office 365's settings. I'd disable it for the whole tenant if I had things my way but like three people in management LOOOOOOOOOOOOOVE the feature so it stays.

User's account is expired. They call to ask why they can't log in. I tell them their account is expired, and we need a manager to give us a new expiry date (or tell us the person is now permanent) to re-enable the account. This is our security policy.

First they tried to play sympathy, saying they were actively supporting students. Then they tried to play urgency, saying assignments would be arriving in a week for them to mark. Then they tried to say it was too difficult to get ahold of their supervisor, they were still on vacation.

Told them they should get on trying to contact their manager, because it takes us about 30 seconds to re-enable the account once we get the okay.

User's account is expired. They call to ask why they can't log in. I tell them their account is expired, and we need a manager to give us a new expiry date (or tell us the person is now permanent) to re-enable the account. This is our security policy.

First they tried to play sympathy, saying they were actively supporting students. Then they tried to play urgency, saying assignments would be arriving in a week for them to mark. Then they tried to say it was too difficult to get ahold of their supervisor, they were still on vacation.

Told them they should get on trying to contact their manager, because it takes us about 30 seconds to re-enable the account once we get the okay.

"Well can I just give you my new expiry date?"

Same thing happens here, but for building access badge changes.

"Yeah I need my badge to open &School"
"We need an email from the building principal or the director of Food Services (if you work for food services)"
"Can't I just email you?"
"no."

You can't disable clutter for the tenant, but you can disable it for all (currently existing) mailboxes. It's up to you if you want to change your make-a-mailbox procedure, or just schedule the removal.

Thank you for taking my call today.
The unit became irresponsiv
Looking into the crashlog we did not see any clue related to the non responsiveness of the Fortigate.
-The system log shows high cpu or high memory -The unit does not seems to have been rebooted for more than a year, which can cause some processes to hang. In this case only a reboot can solve the issue.

Really hope it doesn't otherwise my life is going to be a living hell for a while.

The vulnerabilities requires the attacker is able to execute code. Usually networking equipment wouldn't accept code to run from arbitrary sources, I think? So it would need to be combined with another vulnerability as a manner of privilege escalation.

Description: User is having issues with blocked website. Wants to speak to someone about it. (https://www.foxnews.com)

I called the guy and was treated to a 15 minute tirade about fake news. I work for a local government, and he was asking me things like " which one of those liberals at city hall told yall to block fox news? " " I can get to fake rear end CNN just fine, but not my fox news. " " I've been here 15 years and never have I seen such bias" and so on and so on. Once I managed to talk him down off the ledge, we determine that his aircard had dropped off because he was at a lift station in the middle of nofuckingwhere.

My only complaint about working here is the helpdesk is staffed by university interns and they are completely useless. When they actually can be arsed to fill in a ticket with information like phone numbers and location they just dump everything into the network group's queue.

The vulnerabilities requires the attacker is able to execute code. Usually networking equipment wouldn't accept code to run from arbitrary sources, I think? So it would need to be combined with another vulnerability as a manner of privilege escalation.

Most likely.

I know of a couple devices that do allow easy break out (as a matter of design) to the underlying OS the appliance runs on, but for the most part your Cisco/Juniper/Extreme switches won't generally be susceptible to Meltdown or Spectre without something worse being wrong.

I know of a couple devices that do allow easy break out (as a matter of design) to the underlying OS the appliance runs on, but for the most part your Cisco/Juniper/Extreme switches won't generally be susceptible to Meltdown or Spectre without something worse being wrong.

This makes sense since it's really just a bunch of interrelated applications running on top of <open source OS>. Most IDS/IPS (and some firewalls) are likely similar.

The stuff I saw from PA today was an emergency content update with new vulnerability signatures for: